Integer overflows were reported in the GD Graphics Library (libgd)
2.0.28, and possibly other versions. These overflows allow remote
attackers to cause a denial of service and possibly execute arbitrary
code via PNG image files with large image rows values that lead to a
heap-based buffer overflow in the gdImageCreateFromPngCtx() function.
Libwmf contains an embedded copy of the GD library code. (CVE-2004-0990)

Update:

The previous update incorrectly attributed the advisory text to
CVE-2004-0941, while it should have been CVE-2004-0990. Additional
review of the code found fixes for CVE-2004-0941 were missing and have
also been included in this update.